CONFERENCE On Demand: Cyber AI & Automation Summit - Watch Now
Connect with us

Hi, what are you looking for?


Email Security

GreatHorn Expands Email Security Platform

Waltham, MA-based GreatHorn has expanded its machine-learning phishing protection system into a complete email security platform. “This major new expansion of the Company’s flagship solution,” it announced on November 14, “addresses every potential stage of a phishing attack with integrated threat detection, protection, defense, and incident response.”

Waltham, MA-based GreatHorn has expanded its machine-learning phishing protection system into a complete email security platform. “This major new expansion of the Company’s flagship solution,” it announced on November 14, “addresses every potential stage of a phishing attack with integrated threat detection, protection, defense, and incident response.”

“We believe that email is the most critical business communication system in existence, and that requires best-in-class protection,” explains GreatHorn’s CEO and co-founder Kevin O’Brien, “not just a small point solution, plug-in or add-on.”

Four new modules have been added to the existing product: imposter protection (which offers protection against attacks via spoofed and look-alike domains, and business email compromise — BEC  — attacks); link protection (which includes automated URL sandboxing to protect against link-based credential theft); attachment protection (including file isolation for protection against zero-day attacks via attachments); and mailbox protection (providing personalized email protection for users based on their individual communication patterns and relationships).

The mailbox protection module is effectively a new product available as an Outlook or Chrome plug-in. It is available today in beta from GreatHorn; but will soon be on general release via the Microsoft Office Store or the Google Chrome Web Store. Its purpose is to provide the user with the tools and context necessary to make better decisions on how they interact with their email.

O’Brien believes that users are often dismissed as the company’s weakest link without ever being given the information necessary to make intelligent decisions. “The security industry continues to treat users as the ëweakest link’ in their security practices, rather than as intelligent, informed, and vital parts of a true security posture,” he said. 

“Until today, email users have not been provided with meaningful context or the security tools they need to make better risk decisions at the moment that they open and interact with their messages. With GreatHorn Mailbox Protection, however, relationship and risk data will be immediately and easily accessible to the user without needing technical training or having to navigate to another system. GreatHorn Mailbox Protection empowers end users to take action from the front lines, further reducing their organizations’ susceptibility to today’s advanced email attacks.”

Information provided to the email user includes the strength of their relationship (and that of their organization) with the sender; the data of their most recent outbound communication with the sender, the likelihood that the email comes from the purported domain; and the relative risk of any embedded links within the email.

The user is then able to make an intelligent decision — to accept the email at face value, to mark it as phishing and quarantine it, or as spam and delete it, or to add the sender to a personal block list to reduce unwanted email.

Advertisement. Scroll to continue reading.

The platform isn’t simply based on the addition of the new modules — the existing product has also been enhanced. “As part of the expansion,” GreatHorn told SecurityWeek, “we have made substantial updates to other parts of the platform, specifically Adaptive Threat Detection, Automated Threat Defense, and Post-Delivery Incident Response, which run across the platform regardless of the type of attack.”

The threat detection algorithms have been improved in their ability to calculate relationship strength and communication patterns, and the organizational and technical fingerprinting is enhanced to detect more nuanced anomalies such as domain authentication drift.

Threat detection is improved with URL rewriting and sandboxing, and analysis at both ingest and time of click — with greater administrative control over user interaction with suspicious links. Threat-specific context and warnings with configurable banners have been added.

The new platform is well-received by GreatHorn customers. “As the nation’s largest financial life management firm, United Capital Partners is a constant target for cybercriminals looking to gain financial advantage,” commented Brandon Gage, senior vice president of technology at United Capital Partners. “Imposter Protection from phishing and other fraudulent cyber-attacks, in particular, has been a critical focus for our GreatHorn implementation. We’re pleased with the decreased risk profile we’ve achieved through our collaboration with GreatHorn and have already seen additional value with the solution’s improved spoofing detection.”

GreatHorn, founded in 2015 by Kevin O’Brien and Raymond Wallace, raised $6.3 million Series A funding led by TechStars Venture Capital Fund and .406 Ventures in June 1027.

Related: State of Email Security: What Can Stop Email Threats? 

Related: DMARC Use is Growing, But Difficult to Configure Correctly and Completely 

Related: The Disconnect Between Understanding Email Threats and Preventing Them 

Related: Email Impersonation Attacks Increase by 80% 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to and Exchange Online.


Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Email Security

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.


Enterprise users have been warned that cybercriminals may be trying to phish their credentials by luring them with fake emails that appear to be...

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...